{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:35:11Z","timestamp":1772120111458,"version":"3.50.1"},"reference-count":21,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,11,14]],"date-time":"2024-11-14T00:00:00Z","timestamp":1731542400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,11,14]],"date-time":"2024-11-14T00:00:00Z","timestamp":1731542400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100005713","name":"Technische Universit\u00e4t M\u00fcnchen","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100005713","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptogr Eng"],"published-print":{"date-parts":[[2025,4]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>FPGAs promise significant performance improvements for several computations in cloud applications. However, their shared use in multi-tenant scenarios makes them susceptible to attacks. Different from classical scenarios, where the attacker has hardware access to the device, in cloud scenarios the attack is possible only from remote. As a consequence remote SCA attacks gained increasing attention in the last years. These attacks exploit that attacker and victim share with the same FPGA also the same PDN so that operation-dependent voltage fluctuations caused by the victim\u2019s IP are observable by a voltage sensor of the attacker. While previous attacks in this domain focused on cryptographic algorithms, this work provides insights in an attack on a PUF primitive, the Loop PUF. This primitive is an interesting target for the attack since it might be used, e.g., for storing or deriving secret keys on a remote FPGA. We introduce and discuss the setup of such a remote SCA using a TDC-based voltage sensor. With this sensor, we compare the performance of classical and remote SCA attacks on the Loop PUF using two different Artix-7 FPGA and demonstrate and discuss findings regarding sampling frequency and placement. This work extends and deepens the analysis from a previously published analysis at the ASHES Workshop 2022. In particular, it provides insights into the influence of repeated measurements, measurement time, and usage of multiple TDCs on the attack performance. It also discusses the applicability of the attack to further RO-based PUF primitives. Overall the results show that remote SCA attacks on PUFs in a multi-tenant FPGA scenario have to be considered as a severe attack vector in the future.<\/jats:p>","DOI":"10.1007\/s13389-024-00366-0","type":"journal-article","created":{"date-parts":[[2024,11,14]],"date-time":"2024-11-14T11:12:02Z","timestamp":1731582722000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Remote side-channel analysis of the loop PUF using a TDC-based voltage sensor"],"prefix":"10.1007","volume":"15","author":[{"given":"Matthias","family":"Probst","sequence":"first","affiliation":[]},{"given":"Lars","family":"Tebelmann","sequence":"additional","affiliation":[]},{"given":"Moritz","family":"Wettermann","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Pehl","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,11,14]]},"reference":[{"key":"366_CR1","doi-asserted-by":"crossref","unstructured":"Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. Vol. 3156 of series lecture notes in computer science (LNCS), pp. 16\u201329. Springer, Berlin, Heidelberg (2004)","DOI":"10.1007\/978-3-540-28632-5_2"},{"key":"366_CR2","first-page":"346","volume-title":"Distinguishing Multiplications from Squaring Operations","author":"F Amiel","year":"2009","unstructured":"Amiel, F., Feix, B., Tunstall, M., Whelan, C., Marnane, W.P.: Distinguishing Multiplications from Squaring Operations, pp. 346\u2013360. Springer Berlin Heidelberg, Berlin (2009)"},{"key":"366_CR3","doi-asserted-by":"crossref","unstructured":"Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Side-channel analysis of PUFs and fuzzy extractors. In: McCune, J.\u00a0M., et\u00a0al. (eds.) Trust and Trustworthy Computing, No. 6740 in Lecture Notes in Computer Science, pp. 33\u201347. Springer Berlin Heidelberg (2011)","DOI":"10.1007\/978-3-642-21599-5_3"},{"key":"366_CR4","doi-asserted-by":"crossref","unstructured":"Mart\u00ednez-Rodr\u00edguez, M.C., Delgado-Lozano, I.M., Brumley, B.B., SoK: remote power analysis. ARES. Association for Computing Machinery, p. 2021. New York, NY, USA (2021)","DOI":"10.1145\/3465481.3465773"},{"key":"366_CR5","doi-asserted-by":"crossref","unstructured":"Gnad, D. R.\u00a0E., Oboril, F., Kiamehr, S., Tahoori, M.\u00a0B.: Analysis of transient voltage fluctuations in FPGAs, pp. 12\u201319 (2016)","DOI":"10.1109\/FPT.2016.7929182"},{"key":"366_CR6","doi-asserted-by":"crossref","unstructured":"Zhao, M., Suh, G.\u00a0E.: FPGA-based remote power side-channel attacks, pp. 229\u2013244 (2018)","DOI":"10.1109\/SP.2018.00049"},{"key":"366_CR7","doi-asserted-by":"crossref","unstructured":"Gravellier, J., Dutertre, J., Teglia, Y., Loubet-Moundi, P.: High-speed ring oscillator based sensors for remote side-channel attacks on FPGAs, pp. 1\u20138 (2019)","DOI":"10.1109\/ReConFig48160.2019.8994789"},{"key":"366_CR8","doi-asserted-by":"crossref","unstructured":"Schellenberg, F., Gnad, D. R.\u00a0E., Moradi, A., Tahoori, M.\u00a0B.: An inside job: remote power analysis attacks on FPGAs, pp. 1111\u20131116 (2018)","DOI":"10.23919\/DATE.2018.8342177"},{"key":"366_CR9","doi-asserted-by":"crossref","unstructured":"Moini, S., Tian, S., Holcomb, D., Szefer, J., Tessier, R.: Remote power side-channel attacks on bnn accelerators in fpgas. 1639\u20131644 (2021)","DOI":"10.23919\/DATE51398.2021.9473915"},{"key":"366_CR10","doi-asserted-by":"crossref","unstructured":"Elnaggar, R., et\u00a0al. Opal: On-the-go physical attack lab to evaluate power side-channel vulnerabilities on FPGAs, pp. 1\u20138 (2021)","DOI":"10.1109\/PAINE54418.2021.9707701"},{"key":"366_CR11","doi-asserted-by":"publisher","first-page":"593","DOI":"10.1109\/TDSC.2019.2933214","volume":"18","author":"MES Elrabaa","year":"2021","unstructured":"Elrabaa, M.E.S., Al-Asli, M., Abu-Amara, M.: Secure computing enclaves using FPGAs. IEEE Trans. Dependable Secur. Comput. 18, 593\u2013604 (2021)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"366_CR12","doi-asserted-by":"crossref","unstructured":"Tian, S., Krzywosz, A., Giechaskiel, I., Szefer, J.: Cloud fpga security with ro-based primitives. 154\u2013158 (2020)","DOI":"10.1109\/ICFPT51103.2020.00029"},{"key":"366_CR13","doi-asserted-by":"crossref","unstructured":"Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Semi-invasive EM attack on FPGA RO PUFs and countermeasures. ACM (2011)","DOI":"10.1145\/2072274.2072276"},{"key":"366_CR14","first-page":"293","volume-title":"Self-secured PUF: Protecting the Loop PUF by Masking","author":"L Tebelmann","year":"2020","unstructured":"Tebelmann, L., Danger, J.-L., Pehl, M.: Self-secured PUF: Protecting the Loop PUF by Masking, pp. 293\u2013314. Springer International Publishing, Berlin (2020)"},{"key":"366_CR15","doi-asserted-by":"crossref","unstructured":"Tebelmann, L., Wettermann, M., Pehl, M.: On-Chip Side-Channel Analysis of the Loop PUF. ASHES\u201922, pp. 55-63. Association for Computing Machinery, New York, NY, USA (2022). https:\/\/doi.org\/10.1145\/3560834.3563827","DOI":"10.1145\/3560834.3563827"},{"key":"366_CR16","doi-asserted-by":"crossref","unstructured":"Cherif, Z., Danger, J., Guilley, S., Bossuet, L.: An easy-to-design PUF based on a single oscillator: the loop PUF, pp. 156\u2013162 (2012)","DOI":"10.1109\/DSD.2012.22"},{"key":"366_CR17","doi-asserted-by":"crossref","unstructured":"Rioul, O., Sol\u00e9, P., Guilley, S., Danger, J.-L.: On the entropy of physically unclonable functions, pp. 2928\u20132932 (2016)","DOI":"10.1109\/ISIT.2016.7541835"},{"key":"366_CR18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-89915-8_13","volume-title":"Analysis and Protection of the Two-Metric Helper Data Scheme","author":"L Tebelmann","year":"2021","unstructured":"Tebelmann, L., K\u00fchne, U., Danger, J.-L., Pehl, M.: Analysis and Protection of the Two-Metric Helper Data Scheme. Springer International Publishing, Berlin (2021)"},{"key":"366_CR19","doi-asserted-by":"publisher","first-page":"5121","DOI":"10.1109\/TCSI.2022.3208325","volume":"69","author":"L Tebelmann","year":"2022","unstructured":"Tebelmann, L., Danger, J.-L., Pehl, M.: Interleaved challenge loop PUF: a highly side-channel protected oscillator-based PUF. IEEE Trans. Circuits Syst. I Regul. Papers 69, 5121\u20135134 (2022)","journal-title":"IEEE Trans. Circuits Syst. I Regul. Papers"},{"key":"366_CR20","doi-asserted-by":"publisher","first-page":"1543","DOI":"10.1109\/TNS.2010.2045901","volume":"57","author":"J Wu","year":"2010","unstructured":"Wu, J.: Several key issues on implementing delay line based TDCs using FPGAs. IEEE Trans. Nucl. Sci. 57, 1543\u20131548 (2010)","journal-title":"IEEE Trans. Nucl. Sci."},{"key":"366_CR21","doi-asserted-by":"crossref","unstructured":"Adami\u010d, M., Trost, A.: A fast high-resolution time-to-digital converter implemented in a Zynq 7010 SoC, pp. 29\u201334 (2019)","DOI":"10.1109\/Austrochip.2019.00017"}],"container-title":["Journal of Cryptographic Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13389-024-00366-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s13389-024-00366-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13389-024-00366-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,22]],"date-time":"2025-04-22T14:09:54Z","timestamp":1745330994000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s13389-024-00366-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,14]]},"references-count":21,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,4]]}},"alternative-id":["366"],"URL":"https:\/\/doi.org\/10.1007\/s13389-024-00366-0","relation":{"has-preprint":[{"id-type":"doi","id":"10.21203\/rs.3.rs-3067632\/v1","asserted-by":"object"}]},"ISSN":["2190-8508","2190-8516"],"issn-type":[{"value":"2190-8508","type":"print"},{"value":"2190-8516","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,14]]},"assertion":[{"value":"15 June 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 September 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 November 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"We, the authors have no Conflict of interest as defined by Springer, or other interests that might be perceived to influence the results and\/or discussion reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}],"article-number":"1"}}